alt Hacker NewsNobody gives a damn. What matters is that it works even on a potato.
SMS security only became a problem due to 2FA, which is just one of many use cases, and the failure isn't even technical here but organizational. I agree it should've prompted more pressure to secure the system against SIM-swapping; alas this is too close to the Real World, so the tech industry instead responded with alternative that side-steps the problem by offering zero customer support. No humans to talk to = no humans to social engineer = secure. So much win.
(I'd also say the 2FA proliferation is itself a problem, but that's an unpopular opinion and for a separate discussion.)
> Nobody gives a damn. What matters is that it works even on a potato.
It doesn't work on my computer, nor does it work on my phone when I'm traveling (different SIM), so I give a damn. WhatsApp, iMessage, Signal etc. do both. I really wish there was an open, federated standard (and no, RCS is neither), but until then, I'll use what actually works for me.
SMS just sucks, and I hate that it's become so ubiquitous an authentication method when it's not even secure.